NSIPS Cyber Engineer - Splunk Analyst | Secret Clearance

LED FastStart•New Orleans, LA

8d•$85,093 - $109,342•Onsite

About The Position

The Navy Standard Integrated Personnel System (NSIPS) is seeking a Cyber Engineer/Splunk Analyst to join their team. NSIPS is the Navy's single, field-entry, electronic pay and personnel system for all USN/USNR Sailors. As the Cyber Analyst you will: Designs develop, test, and evaluate information system security throughout the systems development life cycle Monitors and analyzes Intrusion Detection Systems (IDS) to identify security issues for remediation Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information Evaluate firewall change requests and assess organizational risk Communicates alerts to teams regarding intrusions and compromises to their network infrastructure, applications, and operating systems Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices Implements, enforces, communicates, and develops security policies or plans for data, software applications, hardware, telecommunications, and information systems security education/awareness programs Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system, and external Web integrity scans to determine compliance Prepares incident reports of analysis methodology and results Implement approved Splunk SaaS architecture and design Support and maintain high availability for SaaS Splunk deployments Maintain Splunk architectural diagrams and documentation Ensure compliance with regulations and privacy laws Perform DoD system certification and accreditation activities as prescribed by IA leadership Develop and document IA processes and procedures for the environment as necessary Uses encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research DISA Security Technical Implementation Guidelines (STIG) for an operational DoD environment, including scheduling, validation, remediation, and reporting Work with customers, software developers, network/system administrators, and others to ensure that security requirements are understood and implemented

Requirements

BS degree; 3 additional years of experience may be considered in lieu of a degree
1-2+ years of experience with log sources, including various network, host, and application logs
1-3+ years of experience in utilizing SIEM for log analysis, monitoring, and investigation
1-2+ years of experience identifying attacker tactics, techniques, and procedures
1-2+ years of experience using threat intelligence to find suspicious activities proactively and iteratively in available security telemetry
1-2+ years of experience working in a Security Operations Center (SOC) environment
1-3+ years of hands-on experience writing and optimizing detection queries using various query languages, particularly in SPL for Splunk
Demonstrated understanding of modern attack patterns and threat landscape
Demonstrated excellent analytical and problem-solving skills with the ability to identify and mitigate security risks
1-2+ years of experience in intrusion detection, security investigations, and incident response
1-3+ years of experience and working knowledge of Splunk Enterprise Security platform
1-2+ years of experience in Detection Engineering or Digital Forensics with broad knowledge of security domain
1-2+ years of experience of KQL for Microsoft Defender EDR
Demonstrated expertise in EDR, email security, and securing SaaS applications
DOD 8570 IA Level II Certification required (i.e. Security+ CE)
SECRET CLEARANCE REQUIRED TO START

Nice To Haves

CISSP, CISA, and CISM certifications preferred.

Responsibilities

Designs develop, test, and evaluate information system security throughout the systems development life cycle
Monitors and analyzes Intrusion Detection Systems (IDS) to identify security issues for remediation
Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information
Evaluate firewall change requests and assess organizational risk
Communicates alerts to teams regarding intrusions and compromises to their network infrastructure, applications, and operating systems
Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices
Implements, enforces, communicates, and develops security policies or plans for data, software applications, hardware, telecommunications, and information systems security education/awareness programs
Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system, and external Web integrity scans to determine compliance
Prepares incident reports of analysis methodology and results
Implement approved Splunk SaaS architecture and design
Support and maintain high availability for SaaS Splunk deployments
Maintain Splunk architectural diagrams and documentation
Ensure compliance with regulations and privacy laws
Perform DoD system certification and accreditation activities as prescribed by IA leadership
Develop and document IA processes and procedures for the environment as necessary
Uses encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research
DISA Security Technical Implementation Guidelines (STIG) for an operational DoD environment, including scheduling, validation, remediation, and reporting
Work with customers, software developers, network/system administrators, and others to ensure that security requirements are understood and implemented